As a company that takes data security and privacy very seriously, we recognise that Get WorkGear information security practices are important to you. Below we have provided some general information to give you confidence in how we secure the data entrusted to us.
- We use datacentres located in New Zealand with access protected by smart cards, CCTV cameras and other security measures.
- Firewalls are used to detect and prevent internet based attacks.
- Our servers are protected with anti-malware software.
- Backups are taken daily and stored in a separate location.
- Security logs and alerts are reviewed on a regular basis by our internal team.
- We perform regular external security penetration tests throughout the year using an independent third party. The tests involve high-level server penetration tests and in-depth testing for vulnerabilities inside the application.
- We perform monthly external vulnerability scans.
- Get WorkGear account passwords are hashed. Our own staff can’t even view them. If you lose your password, it can’t be retrieved – it must be reset
- All login pages pass data via TLS.
- The entire Get WorkGear application is encrypted with TLS.
- Login pages have brute force protection.
- Admin access to the Get WorkGear servers is secured using multi-factor authentication.
- Our team uses multi-factor authentication when remotely accessing our internal systems (which are cloud based).